<!DOCTYPE html>
<html lang="en">
<head>
  <title>The OAuth2 auth provider - Vert.x</title>
  <meta charset="utf-8">
  <meta http-equiv="X-UA-Compatible" content="IE=edge">
  <meta content="width=device-width, initial-scale=1.0" name="viewport">
  <meta content="Vert.x is a tool-kit for building reactive applications on the JVM." name="description">
  <link href="http://vertx.io/stylesheets/docs.css" media="screen" rel="stylesheet">
  <link href="http://vertx.io/stylesheets/font-awesome.min.css" media="screen" rel="stylesheet">
  <link href="http://vertx.io/javascripts/styles/rainbow.min.css" media="screen" rel="stylesheet">
  <!-- IE 6-8 support of HTML 5 elements -->
  <!--[if lt IE 9]>
  <script src="http://static.jboss.org/theme/js/libs/html5/pre3.6/html5.min.js"></script>
  <![endif]-->

  <link rel="apple-touch-icon" sizes="57x57" href="http://vertx.io/assets/favicons/vertx-favicon-7/apple-touch-icon-57x57.png">
  <link rel="apple-touch-icon" sizes="60x60" href="http://vertx.io/assets/favicons/vertx-favicon-7/apple-touch-icon-60x60.png">
  <link rel="apple-touch-icon" sizes="72x72" href="http://vertx.io/assets/favicons/vertx-favicon-7/apple-touch-icon-72x72.png">
  <link rel="apple-touch-icon" sizes="76x76" href="http://vertx.io/assets/favicons/vertx-favicon-7/apple-touch-icon-76x76.png">
  <link rel="apple-touch-icon" sizes="114x114" href="http://vertx.io/assets/favicons/vertx-favicon-7/apple-touch-icon-114x114.png">
  <link rel="apple-touch-icon" sizes="120x120" href="http://vertx.io/assets/favicons/vertx-favicon-7/apple-touch-icon-120x120.png">
  <link rel="apple-touch-icon" sizes="144x144" href="http://vertx.io/assets/favicons/vertx-favicon-7/apple-touch-icon-144x144.png">
  <link rel="apple-touch-icon" sizes="152x152" href="http://vertx.io/assets/favicons/vertx-favicon-7/apple-touch-icon-152x152.png">
  <link rel="apple-touch-icon" sizes="180x180" href="http://vertx.io/assets/favicons/vertx-favicon-7/apple-touch-icon-180x180.png">
  <link rel="icon" type="image/png" href="http://vertx.io/assets/favicons/vertx-favicon-7/favicon-32x32.png" sizes="32x32">
  <link rel="icon" type="image/png" href="http://vertx.io/assets/favicons/vertx-favicon-7/android-chrome-192x192.png" sizes="192x192">
  <link rel="icon" type="image/png" href="http://vertx.io/assets/favicons/vertx-favicon-7/favicon-96x96.png" sizes="96x96">
  <link rel="icon" type="image/png" href="http://vertx.io/assets/favicons/vertx-favicon-7/favicon-16x16.png" sizes="16x16">
  <link rel="manifest" href="http://vertx.io/assets/favicons/vertx-favicon-7/manifest.json">
  <link rel="mask-icon" href="http://vertx.io/assets/favicons/vertx-favicon-7/safari-pinned-tab.svg" color="#5bbad5">
  <meta name="msapplication-TileColor" content="#7d3194">
  <meta name="msapplication-TileImage" content="http://vertx.io/assets/favicons/vertx-favicon-7/mstile-144x144.png">
  <meta name="theme-color" content="#ffffff">

  <link href="http://fonts.googleapis.com/css?family=Ubuntu:400,500,700,400italic" rel="stylesheet" type="text/css">
  <link rel="alternate" type="application/rss+xml" title="RSS"
     href="http://vertx.io/feed.xml">
  <script>
    (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
      (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
      m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
    })(window,document,'script','//www.google-analytics.com/analytics.js','ga');
    ga('create', 'UA-30144458-1', 'auto');
    ga('create', 'UA-71153120-1', 'auto', 'tracker');
    ga('send', 'pageview');
    ga('tracker.send', 'pageview');
  </script>
</head>
<body>

<a href="http://www.reactivemanifesto.org/" id="reactive-manifesto-banner">
  <img style="border: 0; position: fixed; right: 0; top:0; z-index: 9000"
    src="http://d379ifj7s9wntv.cloudfront.net/reactivemanifesto/images/ribbons/we-are-reactive-black-right.png">
</a>

<a id="skippy" class="sr-only sr-only-focusable" href="#content"><div class="container"><span class="skiplink-text">Skip to main content</span></div></a>

<header class="navbar navbar-default navbar-static-top" id="top" role="banner">
  <div class="container">
    <div class="navbar-header">
      <button class="navbar-toggle collapsed" type="button" data-toggle="collapse" data-target="#vertx-navbar-collapse">
        <span class="sr-only">Toggle navigation</span>
        <span class="icon-bar"></span>
        <span class="icon-bar"></span>
        <span class="icon-bar"></span>
      </button>
      <a href="http://vertx.io/" class="navbar-brand"><img alt="Brand" src="http://vertx.io/assets/logo-sm.png"></a>
    </div>
    <nav class="collapse navbar-collapse" id="vertx-navbar-collapse">
      <ul class="nav navbar-nav navbar-right">
        <li><a href="http://vertx.io/download/">Download</a></li>
        <li><a href="http://vertx.io/docs/">Documentation</a></li>
        <li><a href="https://github.com/vert-x3/wiki/wiki">Wiki</a></li>
        <li><a href="http://vertx.io/community/">Community</a></li>
        <li><a href="http://vertx.io/materials/">Materials</a></li>
        <li><a href="http://vertx.io/blog/">Blog</a></li>        
      </ul>
    </nav>
  </div>
</header>



  <div class="page-header" id="content">
    <div class="container">
      <div class="row">
        <div class="col-sm-12">
          <h1>The OAuth2 auth provider</h1>
          
        </div>
      </div>
    </div>
  </div>




<div id="content">
  <div class="container docs-content">
    <div class="row">
      <div class="col-sm-12 col-md-push-9 col-md-3 hidden-xs hidden-sm">
        <div id="sidebar" data-spy="affix">
          <ul class="sectlevel1">
<li><a href="#_the_oauth2_auth_provider">The OAuth2 auth provider</a>
<ul class="sectlevel2">
<li><a href="#_authorization_code_flow">Authorization Code Flow</a></li>
<li><a href="#_password_credentials_flow">Password Credentials Flow</a></li>
<li><a href="#_client_credentials_flow">Client Credentials Flow</a></li>
<li><a href="#_getting_started">Getting Started</a></li>
<li><a href="#_accesstoken_object">AccessToken object</a></li>
<li><a href="#_example_configuration_for_common_oauth2_providers">Example configuration for common OAuth2 providers</a></li>
</ul>
</li>
</ul>
        </div>
      </div>
      <div class="col-sm-12 col-md-pull-3 col-md-9">
        <div class="toc hidden-md hidden-lg">
          <h2>Table of Contents</h2>
          <ul class="sectlevel1">
<li><a href="#_the_oauth2_auth_provider">The OAuth2 auth provider</a>
<ul class="sectlevel2">
<li><a href="#_authorization_code_flow">Authorization Code Flow</a></li>
<li><a href="#_password_credentials_flow">Password Credentials Flow</a></li>
<li><a href="#_client_credentials_flow">Client Credentials Flow</a></li>
<li><a href="#_getting_started">Getting Started</a></li>
<li><a href="#_accesstoken_object">AccessToken object</a></li>
<li><a href="#_example_configuration_for_common_oauth2_providers">Example configuration for common OAuth2 providers</a></li>
</ul>
</li>
</ul>
        </div>
        <div class="sect1">
<h2 id="_the_oauth2_auth_provider">The OAuth2 auth provider</h2>
<div class="sectionbody">
<div class="paragraph">
<p>This component contains an out of the box OAuth2 implementation.</p>
</div>
<div class="paragraph">
<p>To use this project, add the following
dependency to the <em>dependencies</em> section of your build descriptor:</p>
</div>
<div class="ulist">
<ul>
<li>
<p>Maven (in your <code>pom.xml</code>):</p>
</li>
</ul>
</div>
<div class="listingblock">
<div class="content">
<pre class="prettyprint highlight"><code class="language-xml" data-lang="xml">&lt;dependency&gt;
  &lt;groupId&gt;io.vertx&lt;/groupId&gt;
  &lt;artifactId&gt;vertx-auth-oauth2&lt;/artifactId&gt;
  &lt;version&gt;3.3.3&lt;/version&gt;
&lt;/dependency&gt;</code></pre>
</div>
</div>
<div class="ulist">
<ul>
<li>
<p>Gradle (in your <code>build.gradle</code> file):</p>
</li>
</ul>
</div>
<div class="listingblock">
<div class="content">
<pre class="prettyprint highlight"><code class="language-groovy" data-lang="groovy">compile 'io.vertx:vertx-auth-oauth2:3.3.3'</code></pre>
</div>
</div>
<div class="paragraph">
<p>OAuth2 lets users grant the access to the desired resources to third party applications, giving them the possibility
to enable and disable those accesses whenever they want.</p>
</div>
<div class="paragraph">
<p>Vert.x OAuth2 supports the following flows.</p>
</div>
<div class="ulist">
<ul>
<li>
<p>Authorization Code Flow (for apps with servers that can store persistent information).</p>
</li>
<li>
<p>Password Credentials Flow (when previous flow can&#8217;t be used or during development).</p>
</li>
<li>
<p>Client Credentials Flow (the client can request an access token using only its client credentials)</p>
</li>
</ul>
</div>
<div class="sect2">
<h3 id="_authorization_code_flow">Authorization Code Flow</h3>
<div class="paragraph">
<p>The authorization code grant type is used to obtain both access tokens and refresh tokens and is optimized for
confidential clients. As a redirection-based flow, the client must be capable of interacting with the resource
owner&#8217;s user-agent (typically a web browser) and capable of receiving incoming requests (via redirection) from the
authorization server.</p>
</div>
<div class="paragraph">
<p>For more details see <a href="http://tools.ietf.org/html/draft-ietf-oauth-v2-31#section-4.1">Oauth2 specification, section 4.1</a>.</p>
</div>
</div>
<div class="sect2">
<h3 id="_password_credentials_flow">Password Credentials Flow</h3>
<div class="paragraph">
<p>The resource owner password credentials grant type is suitable in cases where the resource owner has a trust
relationship with the client, such as the device operating system or a highly privileged application. The
authorization server should take special care when enabling this grant type, and only allow it when other flows are
not viable.</p>
</div>
<div class="paragraph">
<p>The grant type is suitable for clients capable of obtaining the resource owner&#8217;s credentials (username and password,
typically using an interactive form).  It is also used to migrate existing clients using direct authentication
schemes such as HTTP Basic or Digest authentication to OAuth by converting the stored credentials to an access token.</p>
</div>
<div class="paragraph">
<p>For more details see <a href="http://tools.ietf.org/html/draft-ietf-oauth-v2-31#section-4.3">Oauth2 specification, section 4.3</a>.</p>
</div>
</div>
<div class="sect2">
<h3 id="_client_credentials_flow">Client Credentials Flow</h3>
<div class="paragraph">
<p>The client can request an access token using only its client credentials (or other supported means of authentication)
when the client is requesting access to the protected resources under its control, or those of another resource owner
that have been previously arranged with the authorization server (the method of which is beyond the scope of this
specification).</p>
</div>
<div class="paragraph">
<p>The client credentials grant type MUST only be used by confidential clients.</p>
</div>
<div class="paragraph">
<p>For more details see <a href="http://tools.ietf.org/html/draft-ietf-oauth-v2-31#section-4.4">Oauth2 specification, section 4.4</a>.</p>
</div>
</div>
<div class="sect2">
<h3 id="_getting_started">Getting Started</h3>
<div class="paragraph">
<p>An example on how to use this provider and authenticate with GitHub can be implemented as:</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="prettyprint highlight"><code class="language-js" data-lang="js">var OAuth2Auth = require("vertx-auth-oauth2-js/o_auth2_auth");

var oauth2 = OAuth2Auth.create(vertx, 'AUTH_CODE', {
  "clientID" : "YOUR_CLIENT_ID",
  "clientSecret" : "YOUR_CLIENT_SECRET",
  "site" : "https://github.com/login",
  "tokenPath" : "/oauth/access_token",
  "authorizationPath" : "/oauth/authorize"
});

// when there is a need to access a protected resource or call a protected method,
// call the authZ url for a challenge

var authorization_uri = oauth2.authorizeURL({
  "redirect_uri" : "http://localhost:8080/callback",
  "scope" : "notifications",
  "state" : "3(#0/!~"
});

// when working with web application use the above string as a redirect url

// in this case GitHub will call you back in the callback uri one should now complete the handshake as:


var code = "xxxxxxxxxxxxxxxxxxxxxxxx";

oauth2.getToken({
  "code" : code,
  "redirect_uri" : "http://localhost:8080/callback"
}, function (res, res_err) {
  if (res_err != null) {
    // error, the code provided is not valid
  } else {
    // save the token and continue...
  }
});</code></pre>
</div>
</div>
<div class="sect3">
<h4 id="_authorization_code_flow_2">Authorization Code flow</h4>
<div class="paragraph">
<p>The Authorization Code flow is made up from two parts. At first your application asks to the user the permission to
access their data. If the user approves the OAuth2 server sends to the client an authorization code. In the second
part, the client POST the authorization code along with its client secret to the authority server in order to get the
access token.</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="prettyprint highlight"><code class="language-js" data-lang="js">var OAuth2Auth = require("vertx-auth-oauth2-js/o_auth2_auth");

// Set the client credentials and the OAuth2 server
var credentials = {
  "clientID" : "&lt;client-id&gt;",
  "clientSecret" : "&lt;client-secret&gt;",
  "site" : "https://api.oauth.com"
};


// Initialize the OAuth2 Library
var oauth2 = OAuth2Auth.create(vertx, 'AUTH_CODE', credentials);

// Authorization oauth2 URI
var authorization_uri = oauth2.authorizeURL({
  "redirect_uri" : "http://localhost:8080/callback",
  "scope" : "&lt;scope&gt;",
  "state" : "&lt;state&gt;"
});

// Redirect example using Vert.x
response.putHeader("Location", authorization_uri).setStatusCode(302).end();

var tokenConfig = {
  "code" : "&lt;code&gt;",
  "redirect_uri" : "http://localhost:3000/callback"
};

// Callbacks
// Save the access token
oauth2.getToken(tokenConfig, function (res, res_err) {
  if (res_err != null) {
    console.error("Access Token Error: " + res_err.getMessage());
  } else {
    // Get the access token object (the authorization code is given from the previous step).
    var token = res;
  }
});</code></pre>
</div>
</div>
</div>
<div class="sect3">
<h4 id="_password_credentials_flow_2">Password Credentials Flow</h4>
<div class="paragraph">
<p>This flow is suitable when the resource owner has a trust relationship with the client, such as its computer
operating system or a highly privileged application. Use this flow only when other flows are not viable or when you
need a fast way to test your application.</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="prettyprint highlight"><code class="language-js" data-lang="js">var OAuth2Auth = require("vertx-auth-oauth2-js/o_auth2_auth");

// Initialize the OAuth2 Library
var oauth2 = OAuth2Auth.create(vertx, 'PASSWORD');

var tokenConfig = {
  "username" : "username",
  "password" : "password"
};

// Callbacks
// Save the access token
oauth2.getToken(tokenConfig, function (res, res_err) {
  if (res_err != null) {
    console.error("Access Token Error: " + res_err.getMessage());
  } else {
    // Get the access token object (the authorization code is given from the previous step).
    var token = res;

    oauth2.api('GET', "/users", {
      "access_token" : token.principal().access_token
    }, function (res2, res2_err) {
      // the user object should be returned here...
    });
  }
});</code></pre>
</div>
</div>
</div>
<div class="sect3">
<h4 id="_client_credentials_flow_2">Client Credentials Flow</h4>
<div class="paragraph">
<p>This flow is suitable when client is requesting access to the protected resources under its control.</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="prettyprint highlight"><code class="language-js" data-lang="js">var OAuth2Auth = require("vertx-auth-oauth2-js/o_auth2_auth");

// Set the client credentials and the OAuth2 server
var credentials = {
  "clientID" : "&lt;client-id&gt;",
  "clientSecret" : "&lt;client-secret&gt;",
  "site" : "https://api.oauth.com"
};


// Initialize the OAuth2 Library
var oauth2 = OAuth2Auth.create(vertx, 'CLIENT', credentials);

var tokenConfig = {
};

// Callbacks
// Save the access token
oauth2.getToken(tokenConfig, function (res, res_err) {
  if (res_err != null) {
    console.error("Access Token Error: " + res_err.getMessage());
  } else {
    // Get the access token object (the authorization code is given from the previous step).
    var token = res;
  }
});</code></pre>
</div>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_accesstoken_object">AccessToken object</h3>
<div class="paragraph">
<p>When a token expires we need to refresh it. OAuth2 offers the AccessToken class that add a couple of useful methods
to refresh the access token when it is expired.</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="prettyprint highlight"><code class="language-js" data-lang="js">// Check if the token is expired. If expired it is refreshed.
if (token.expired()) {
  // Callbacks
  token.refresh(function (res, res_err) {
    if (res_err == null) {
      // success
    } else {
      // error handling...
    }
  });
}</code></pre>
</div>
</div>
<div class="paragraph">
<p>When you&#8217;ve done with the token or you want to log out, you can revoke the access token and refresh token.</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="prettyprint highlight"><code class="language-js" data-lang="js">// Revoke only the access token
token.revoke("access_token", function (res, res_err) {
  // Session ended. But the refresh_token is still valid.

  // Revoke the refresh_token
  token.revoke("refresh_token", function (res1, res1_err) {
    console.log("token revoked.");
  });
});</code></pre>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_example_configuration_for_common_oauth2_providers">Example configuration for common OAuth2 providers</h3>
<div class="sect3">
<h4 id="_google">Google</h4>
<div class="listingblock">
<div class="content">
<pre class="prettyprint highlight"><code class="language-js" data-lang="js">var OAuth2Auth = require("vertx-auth-oauth2-js/o_auth2_auth");
// Set the client credentials and the OAuth2 server
var credentials = {
  "clientID" : "CLIENT_ID",
  "clientSecret" : "CLIENT_SECRET",
  "site" : "https://accounts.google.com",
  "tokenPath" : "https://www.googleapis.com/oauth2/v3/token",
  "authorizationPath" : "/o/oauth2/auth"
};


// Initialize the OAuth2 Library
var oauth2 = OAuth2Auth.create(vertx, 'CLIENT', credentials);</code></pre>
</div>
</div>
</div>
<div class="sect3">
<h4 id="_github">GitHub</h4>
<div class="listingblock">
<div class="content">
<pre class="prettyprint highlight"><code class="language-js" data-lang="js">var OAuth2Auth = require("vertx-auth-oauth2-js/o_auth2_auth");
// Set the client credentials and the OAuth2 server
var credentials = {
  "clientID" : "CLIENT_ID",
  "clientSecret" : "CLIENT_SECRET",
  "site" : "https://github.com/login",
  "tokenPath" : "/oauth/access_token",
  "authorizationPath" : "/oauth/authorize"
};


// Initialize the OAuth2 Library
var oauth2 = OAuth2Auth.create(vertx, 'CLIENT', credentials);</code></pre>
</div>
</div>
</div>
<div class="sect3">
<h4 id="_linkedin">Linkedin</h4>
<div class="listingblock">
<div class="content">
<pre class="prettyprint highlight"><code class="language-js" data-lang="js">var OAuth2Auth = require("vertx-auth-oauth2-js/o_auth2_auth");
// Set the client credentials and the OAuth2 server
var credentials = {
  "clientID" : "CLIENT_ID",
  "clientSecret" : "CLIENT_SECRET",
  "site" : "https://www.linkedin.com",
  "authorizationPath" : "/uas/oauth2/authorization",
  "tokenPath" : "/uas/oauth2/accessToken"
};


// Initialize the OAuth2 Library
var oauth2 = OAuth2Auth.create(vertx, 'CLIENT', credentials);</code></pre>
</div>
</div>
</div>
<div class="sect3">
<h4 id="_twitter">Twitter</h4>
<div class="listingblock">
<div class="content">
<pre class="prettyprint highlight"><code class="language-js" data-lang="js">var OAuth2Auth = require("vertx-auth-oauth2-js/o_auth2_auth");
// Set the client credentials and the OAuth2 server
var credentials = {
  "clientID" : "CLIENT_ID",
  "clientSecret" : "CLIENT_SECRET",
  "site" : "https://api.twitter.com",
  "authorizationPath" : "/oauth/authorize",
  "tokenPath" : "/oauth/access_token"
};


// Initialize the OAuth2 Library
var oauth2 = OAuth2Auth.create(vertx, 'CLIENT', credentials);</code></pre>
</div>
</div>
</div>
<div class="sect3">
<h4 id="_facebook">Facebook</h4>
<div class="listingblock">
<div class="content">
<pre class="prettyprint highlight"><code class="language-js" data-lang="js">var OAuth2Auth = require("vertx-auth-oauth2-js/o_auth2_auth");
// Set the client credentials and the OAuth2 server
var credentials = {
  "clientID" : "CLIENT_ID",
  "clientSecret" : "CLIENT_SECRET",
  "site" : "https://www.facebook.com",
  "authorizationPath" : "/dialog/oauth",
  "tokenPath" : "https://graph.facebook.com/oauth/access_token"
};


// Initialize the OAuth2 Library
var oauth2 = OAuth2Auth.create(vertx, 'CLIENT', credentials);</code></pre>
</div>
</div>
</div>
<div class="sect3">
<h4 id="_jboss_keycloak">JBoss Keycloak</h4>
<div class="paragraph">
<p>When working with keycloak it will be quite simple to setup the OAuth2 provider, just export the JSON config from the
web UI and use it as the OAuth2 config with the helper class <code><a href="../dataobjects.html#OAuth2ClientOptions">OAuth2ClientOptions</a></code>.</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="prettyprint highlight"><code class="language-js" data-lang="js">var OAuth2Auth = require("vertx-auth-oauth2-js/o_auth2_auth");
// After setting up the application and users in keycloak export
// the configuration json file from the web interface and load it in your application e.g.:

var keycloakJson = {
  "realm" : "master",
  "realm-public-key" : "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGQkaBkiZWpUjFOuaabgfXgjzZzfJd0wozrS1czX5qHNKG3P79P/UtZeR3wGN8r15jVYiH42GMINMs7R7iP5Mbm1iImge5p/7/dPmXirKOKOBhjA3hNTiV5BlPDTQyiuuTAUEms5dY4+moswXo5zM4q9DFu6B7979o+v3kX6ZB+k3kNhP08wH82I4eJKoenN/0iCT7ALoG3ysEJf18+HEysSnniLMJr8R1pYF2QRFlqaDv3Mqyp7ipxYkt4ebMCgE7aDzT6OrfpyPowObpdjSMTUXpcwIcH8mIZCWFmyfF675zEeE0e+dHKkL1rPeCI7rr7Bqc5+1DS5YM54fk8xQwIDAQAB",
  "auth-server-url" : "http://localhost:9000/auth",
  "ssl-required" : "external",
  "resource" : "frontend",
  "credentials" : {
    "secret" : "2fbf5e18-b923-4a83-9657-b4ebd5317f60"
  }
};

// Initialize the OAuth2 Library
var oauth2 = OAuth2Auth.createKeycloak(vertx, 'CLIENT', keycloakJson);</code></pre>
</div>
</div>
<div class="paragraph">
<p>When using this approach the provider has knowledge on how to parse access tokens and extract grants from inside.
This information is quite valuable since it allows to do authorization at the API level, for example:</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="prettyprint highlight"><code class="language-js" data-lang="js">var OAuth2Auth = require("vertx-auth-oauth2-js/o_auth2_auth");
// you can now use this config with the OAuth2 provider like this:
var keycloakJson = {
  "realm" : "master",
  "realm-public-key" : "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGQkaBkiZWpUjFOuaabgfXgjzZzfJd0wozrS1czX5qHNKG3P79P/UtZeR3wGN8r15jVYiH42GMINMs7R7iP5Mbm1iImge5p/7/dPmXirKOKOBhjA3hNTiV5BlPDTQyiuuTAUEms5dY4+moswXo5zM4q9DFu6B7979o+v3kX6ZB+k3kNhP08wH82I4eJKoenN/0iCT7ALoG3ysEJf18+HEysSnniLMJr8R1pYF2QRFlqaDv3Mqyp7ipxYkt4ebMCgE7aDzT6OrfpyPowObpdjSMTUXpcwIcH8mIZCWFmyfF675zEeE0e+dHKkL1rPeCI7rr7Bqc5+1DS5YM54fk8xQwIDAQAB",
  "auth-server-url" : "http://localhost:9000/auth",
  "ssl-required" : "external",
  "resource" : "frontend",
  "credentials" : {
    "secret" : "2fbf5e18-b923-4a83-9657-b4ebd5317f60"
  }
};

// Initialize the OAuth2 Library
var oauth2 = OAuth2Auth.createKeycloak(vertx, 'PASSWORD', keycloakJson);

// first get a token (authenticate)
oauth2.getToken({
  "username" : "user",
  "password" : "secret"
}, function (res, res_err) {
  if (res_err != null) {
    // error handling...
  } else {
    var token = res;

    // now check for permissions
    token.isAuthorised("account:manage-account", function (r, r_err) {
      if (r) {
        // this user is authorized to manage its account
      }
    });
  }
});</code></pre>
</div>
</div>
</div>
</div>
</div>
</div>

        

        
          <div id="footer">
            <div id="footer-text">
              
                Last updated 2016-09-12 08:38:04 CEST
              
              
            </div>
          </div>
        
      </div>
    </div>
  </div>
</div>

<footer>
  <div class="container">
    <div class="row">
      <div class="col-xs-6 col-sm-3 col-md-3 col-lg-2">
        <h2>Vert.x</h2>
        <ul class="list-unstyled">
          <li><a href="http://vertx.io/">Home</a></li>
          <li><a href="http://vertx.io/download/">Download</a></li>
          <li><a href="http://vertx.io/docs/">Documentation</a></li>
          <li><a href="https://github.com/vert-x3/wiki/wiki">Wiki</a></li>
          <li><a href="http://vertx.io/blog/">Blog</a></li>
          <li><a href="http://vertx.io/vertx2/" class="vertx-2-link">Vert.x 2</a></li>
        </ul>
      </div>
      <div class="col-xs-6 col-sm-3 col-md-3 col-lg-2">
        <h2>Community</h2>
        <ul class="list-unstyled">
          <li><a href="http://vertx.io/community/">Help &amp; Contributors</a></li>
          <li><a href="http://vertx.io/materials/">Learning materials</a></li>
          <li><a href="https://groups.google.com/forum/?fromgroups#!forum/vertx">User Group</a></li>
          <li><a href="https://groups.google.com/forum/?fromgroups#!forum/vertx-dev">Developer Group</a></li>
        </ul>
      </div>

      <div class="col-xs-12 col-sm-6 col-lg-offset-2 col-md-6 copyright">
        <p>Vert.x is open source and dual licensed under the <a href="https://www.eclipse.org/org/documents/epl-v10.php">Eclipse Public License 1.0</a> and <a href="https://www.apache.org/licenses/LICENSE-2.0.html">Apache License 2.0</a>.</p>
        <p>This website is licensed under the <a href="http://creativecommons.org/licenses/by-sa/3.0/">CC BY-SA 3.0 License</a>.<br>
        Design by <a href="http://www.michel-kraemer.com">Michel Kr&auml;mer</a>. <a href="http://www.entypo.com">Entypo pictograms</a> by Daniel Bruce.</p>
        <div class="row">
          <div class="col-xs-12 col-lg-offset-1 col-md-5">
            <a href="http://eclipse.org">
            <img class="logo eclipse-logo" src="http://vertx.io/assets/eclipse_logo_grey_small.png" width="204" height="48">
            </a>
          </div>
          <div class="col-xs-12 col-md-offset-2 col-lg-offset-0 col-md-5">
            <a href="http://cloudbees.com">
            <img class="logo cloudbees-logo" src="http://vertx.io/assets/Button-Built-on-CB-1-grey.png" width="180" height="48">
           </a>
          </div>
          <div class="col-xs-12 col-md-offset-2 col-lg-offset-1 col-md-5 jprofiler">
            <a href="http://www.ej-technologies.com/products/jprofiler/overview.html"
            style="text-decoration:none">
            <img class="logo jprofiler-logo" src="http://vertx.io/assets/jprofiler-logo.png" width="48" height="48"><span class="jprofiler-logo">&nbsp; JPROFILER</span>
            </a>
          </div>
        </div>
      </div>
    </div>
  </div>
</footer>

<script src="http://static.jboss.org/theme/js/libs/jquery/jquery-1.9.1.min.js"></script>
<script src="http://vertx.io/javascripts/bootstrap.min.js"></script>
<script src="http://vertx.io/javascripts/highlight.pack.js"></script>
<script>hljs.initHighlightingOnLoad();</script>



<script src="http://vertx.io/javascripts/sidebar.js"></script>


</body>
</html>
